rival
Active Member
Dear All,
in January Oracle released another patching document.
https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJDE
As you can see, JD Edwards 9.2 is affected. After searching you can find out that the only method of fixing this is to install the leatest Tools release 9.2.4.1(2)
I created a SR and requested a POC from Oracle to create a patch fix for our current TR. Oracle answer: we will not do this as this method of installing the latest TR is standard for years already.
Some questions:
Are you aware that a TR is the only way of patching these security issues?
Are you updating to the last TR 4 times a year when Oracle published the patching document? If not what is the strategy used to minimise these risks?
If you are surprised as well then I hope we can combine our strenghts to ask Oracle to create patches for existing tools releases.
Regards,
Ron
in January Oracle released another patching document.
https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJDE
As you can see, JD Edwards 9.2 is affected. After searching you can find out that the only method of fixing this is to install the leatest Tools release 9.2.4.1(2)
I created a SR and requested a POC from Oracle to create a patch fix for our current TR. Oracle answer: we will not do this as this method of installing the latest TR is standard for years already.
Some questions:
Are you aware that a TR is the only way of patching these security issues?
Are you updating to the last TR 4 times a year when Oracle published the patching document? If not what is the strategy used to minimise these risks?
If you are surprised as well then I hope we can combine our strenghts to ask Oracle to create patches for existing tools releases.
Regards,
Ron